User Name
Password
AppleNova Forums » Programmer's Nook »

HALP! WordPress Account Hacked


Register Members List Calendar Search FAQ Posting Guidelines
HALP! WordPress Account Hacked
Thread Tools
Moogs
Hates the Infotainment
 
Join Date: May 2004
Location: NSA Archives
 
2010-08-31, 20:36

Some dickbag hacked my account with the

<?php
// Silence is golden.
?>

"thing"

I need to back up my database, clear out all the WP stuff and re-install.

I think too I'd rather do this manually then through my cP because my dumbass host is still using 2.8.4, etc. Any idea if there is an installer package that can do this via FTP / Coda? Maybe I caused problems for myself when I tried to upgrade to 3.0 from that but everything seemed to work for several weeks. THinking maybe I should uninstall all of my cP's older versions of mySQL, etc and manually install them all?

Anyway I need to re-install my content after I've cleared re-installed a new theme, etc. Can anyone tell me which folders or files those are? I use the WP Dashboard / CP only and have no idea where these files are located. Don't want to miss anything.

Also: any recommendations on the most secure versions of WP / mySQL / (or most secure combinations)?

...into the light of a dark black night.
  quote
Moogs
Hates the Infotainment
 
Join Date: May 2004
Location: NSA Archives
 
2010-08-31, 21:01

Just figured out how to backup the Database (I think).

I followed the PMA instructions here... is this sufficient?
  quote
turtle
Lord of the Rant.
Formerly turtle2472
 
Join Date: Mar 2005
Location: Upstate South Carolina
 
2010-08-31, 21:25

How did this happen? Was it due to an out of date version of WP or is it something I should watch out for?
  quote
drewprops
Space Pirate
 
Join Date: May 2004
Location: Atlanta
 
2010-08-31, 21:51

LOL!!!
that's SUPPOSED to be there!!


Apparently in WordPress it's a security risk to leave a directory WITHOUT an index file. Download and take a look at the newest version of WP, it's in there from the start.

LOL
relax!

But learn how to back your shit up.


...
  quote
Moogs
Hates the Infotainment
 
Join Date: May 2004
Location: NSA Archives
 
2010-08-31, 22:07

Hrm. Quit making fun of me you php nerd!

I saw some threads on their support forum that indicated it might be a hack. Also there is a plugin specifically designed to avoid this silence is golden (SIG) thing, so what's that all about? Confuzshun... I has it.


Oh well. Did I back my stuff up right then? Do you guys think it's wise to uninstall my old WP from cP and install the newest version via download (same with mySQL)?

...into the light of a dark black night.
  quote
Gargoyle
http://ga.rgoyle.com
 
Join Date: May 2004
Location: In your dock hiding behind your finder icon!
 
2010-09-01, 16:53

Not just a wordpress issue, but a webserver config option.

If you don't have an index file - some servers are configured to show you a list of the files which could be considered insecure depending on the exact contents of the directory, so the quickest way round it is to have a blank index.php/.html file.

OK, I have given up keeping this sig up to date. Lets just say I'm the guy that installs every latest version as soon as its available!
  quote
Moogs
Hates the Infotainment
 
Join Date: May 2004
Location: NSA Archives
 
2010-09-01, 17:51

I see, says the blind man. Well live and learn. Still trying to decide if I should wipe everything out now and re-intall WP manually. Meantime I installed a security plugin thing that was highly rated. Haven't used it to scan stuff yet though.

...into the light of a dark black night.
  quote
Posting Rules Navigation
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Post Reply

Forum Jump
Thread Tools
Similar Threads
Thread Thread Starter Forum Replies Last Post
XSLT halp - convert elements to XPath Kickaha Programmer's Nook 1 2009-10-20 15:18
Hacked!!!! alcimedes Feedback 122 2005-11-02 23:31
Will OS X be hacked for AMD and clones? ezkcdude Speculation and Rumors 29 2005-06-06 23:54
iChat confusion .mac account, AIM account oldmacfan Genius Bar 1 2005-03-25 23:38


« Previous Thread | Next Thread »

All times are GMT -5. The time now is 21:00.


Powered by vBulletin®
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004 - 2024, AppleNova